The exploit silently drops and runs a file called C:\Program Files\Update\winkey.exe. This is a keylogger that collects and sends everything typed on the affected machine to a server running at xsz.8800.org. And 8800.org is a Chinese DNS-bouncer system that, while not rogue by itself, has been used over and over again in various targeted attacks.
The exploit inside the PDF file was crafted to evade detection by most antivirus products at the time it was sent.
Somebody is trying to use pro-Tibet themed emails to infect computers of the members of pro-Tibet groups to spy on their actions.Of course, the pro-Tibet groups could avoid being pwn3d by the Chinese by the simple expedient of not using Windows or common software to open documents.
Given that hobbyist virus writing has largely disappeared (increasing penalties and the involvement of for-profit criminal enterprise have assured this), I doubt whether many would be written without financial motives (be they from botnets, identity theft or fees from intelligence agencies).
Knocking over Linux servers for use as redirectors for untraceable websites or botnet command hosts is big business, though pwning Linux on the desktop is unlikely to have much money in it.
re avoiding viruses by not using Windows ... After reading your piece on the anti-emo riots, I wonder if Windows fans (I don't mean actual MS employees) might take up writing Linux / MacOs / OpenOffice viruses just to harass the do-gooders?